Chrome Password Manager shows all your passwords
Are you using Chrome Password Manager?
If the answer is 'Yes', do you know that that anyone who has access to your machine can view the passwords you have saved in Chrome?
All you need to do is go to chrome://settings/passwords and press the "show" button next to any saved password. It will show your saved password in clear text.
now you must be wondering that it is a big time defect. No! Do you know that google says that this is an intended behavior. Per Google, it's how the password manager is supposed to work. In fact, it's the only way it can work.
Per Google Chrome password manager works by remembering the username and password and then fills that at the login screen. The password must be in clear text, otherwise browser wouldn't be able to us that with the remember me feature.
Of course, you can't read the password that's been auto-filled in the input field since characters are replaced by asterisks. But that's a very basic method of protection; the real characters are still available through a number of tricks.
Now, what do you say?
DO you think Using Chrome Password Manager is safe? or do you have any other tricks that you would like to suggest Google?
-CB
If the answer is 'Yes', do you know that that anyone who has access to your machine can view the passwords you have saved in Chrome?
All you need to do is go to chrome://settings/passwords and press the "show" button next to any saved password. It will show your saved password in clear text.
now you must be wondering that it is a big time defect. No! Do you know that google says that this is an intended behavior. Per Google, it's how the password manager is supposed to work. In fact, it's the only way it can work.
Per Google Chrome password manager works by remembering the username and password and then fills that at the login screen. The password must be in clear text, otherwise browser wouldn't be able to us that with the remember me feature.
Of course, you can't read the password that's been auto-filled in the input field since characters are replaced by asterisks. But that's a very basic method of protection; the real characters are still available through a number of tricks.
Now, what do you say?
DO you think Using Chrome Password Manager is safe? or do you have any other tricks that you would like to suggest Google?
-CB
Replies
-
Kaustubh KatdareThat bug has existed for a long time. Double authentication is the way to address all the password theft issues. -
Sarathkumar ChandrasekaranYou have created a big awareness buddy.better avoid "save password" screen.😲
-
Nayan GoenkaWell I am shocked to know that most people didnt know this. Of course you can see your saved passwords. There was a concept in design while developing the cloud based Chrome that you need a verification code in order to review security settings in the browser. They should separate history, cookies, cache, autofill and password monitoring into a different tab which is regualarly synced and needs a master password for editing.
-
Jeffrey ArulrajSeriously an eye opener mate I never want my family members to troll through my personal mail id and stuff Thanks for the share
Well Data once stored in Internet can't be erased completely right Does this hold good here as well -
Nayan Goenkathat is the whole reason why people dont allow others to touch their laptops/computers. What is the real data they dont want to lose, apart from accounts and business related, Browser data is extremely crucial. It has a lot of cookies and cache saved which may contain security details and licenses which are authorized to other accounts. This can be used to hack others. Many people say I dont have anything confedential in my email so I dont care if anyone hacks me. But what they miss is that the aim of the hacker was not to hack you but to use your account to hack someone more important. Who goes in jail if caught?? You. This is a major chapter when you learn about software and cyber security.
You are reading an archived discussion.
Related Posts
NASA says that they're planning to send a robot to Jupiter's Moon called Europa. The photos clicked by Voyager 2 spaceship have given the scientists a 'clear' idea that there's...
We all know that the cloud computing is the next big thing!
There are many things that are easier to do in the cloud, but do you think managing the...
Please be patient with this stupid idea.I always wonder about the structures,buildings and science behind it But I want to know how much water get wasted in a restrooms due...
Mobile is the next biggest thing is the software market and already more than 60% of the big business is drifting towards mobile. This makes the mobile testing of the...
The recently launched Windows Server 2012 is doing wonders in server world. Windows has made an excellent attempt towards perfecting the Server Editions by rectifying their known issues. One of...